Description:
A vulnerability was reported in CubeCart. A remote user can hijack a target user's session.

A remote user can conduct a session fixation attack by specifying a PHPSESSID value that, when loaded by the target user, will enable the remote user to hijack the target user's session using the same PHPSESSID.